Bug 30671 - giflib new security issue CVE-2022-28506
Summary: giflib new security issue CVE-2022-28506
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 8
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, has_procedure, validated_update
Depends on:
Blocks:
 
Reported: 2022-07-25 17:29 CEST by David Walser
Modified: 2022-08-05 23:01 CEST (History)
5 users (show)

See Also:
Source RPM: giflib-5.2.1-6.mga9.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2022-07-25 17:29:55 CEST
Fedora has issued an advisory today (July 25):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/B4CJSHXBD2RS5OJNWSHQZVMTQCCTIPYS/

Mageia 8 is also affected.
David Walser 2022-07-25 17:30:07 CEST

Status comment: (none) => Patch available from Fedora
Whiteboard: (none) => MGA8TOO

Comment 1 Lewis Smith 2022-07-26 08:28:13 CEST
Another update for a quiet and parentless SRPM, so assigning globally.

Assignee: bugsquad => pkg-bugs

Comment 2 Mike Rambo 2022-08-03 20:20:43 CEST
Updated packages built for cauldron and  Mageia 8


Advisory:
========================

Updated giflib package fixes security vulnerability:

It was discovered that giflib 5.2.1 (including mingw-giflib which has giflib 5.2.1 bundled) contained a heap-buffer-overflow in function DumpScreen2RGB() (CVE-2022-28506).


References:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/B4CJSHXBD2RS5OJNWSHQZVMTQCCTIPYS/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28506
https://sourceforge.net/p/giflib/bugs/159/
========================

Updated packages in core/updates_testing:
========================
giflib-progs-5.2.1-5.1.mga8
lib64gif7-5.2.1-5.1.mga8
lib64gif-devel-5.2.1-5.1.mga8

from giflib-5.2.1-5.1.mga8.src.rpm

mingw32-giflib-5.2.1-2.1.mga8.noarch.rpm
mingw32-giflib-static-5.2.1-2.1.mga8.noarch.rpm
mingw32-giflib-tools-5.2.1-2.1.mga8.noarch.rpm
mingw64-giflib-5.2.1-2.1.mga8.noarch.rpm
mingw64-giflib-static-5.2.1-2.1.mga8.noarch.rpm
mingw64-giflib-tools-5.2.1-2.1.mga8.noarch.rpm

from mingw-giflib-5.2.1-2.1.mga8.src.rpm


Possible testing help: https://bugs.mageia.org/show_bug.cgi?id=24378#c3

Keywords: (none) => has_procedure
CC: (none) => mhrambo3501
Whiteboard: MGA8TOO => (none)
Version: Cauldron => 8
Assignee: pkg-bugs => qa-bugs
Status comment: Patch available from Fedora => (none)

Comment 3 Herman Viaene 2022-08-04 17:02:36 CEST
MGA8-64 Plasma on Acer  Aspire 5253
No installation issues
Following lead in Comment 2
$ giftool -f "%v\n%w x %h\n" < riet.gif 
GIF87a
1770 x 1253
[tester8@mach7 Pictures]$ giftext -c < riet.gif 

Stdin:

        Screen Size - Width = 1770, Height = 1253.
        ColorResolution = 8, BitsPerPixel = 8, BackGround = 0, Aspect = 0.
        Has Global Color Map.

        Global Color Map:
        Sort Flag: off
  0: 27h 27h 28h     1: 30h 28h 20h     2: 30h 20h 30h     3: 30h 20h 26h   
  4: 30h 30h 28h     5: 28h 30h 2fh     6: 28h 28h 30h     7: 38h 27h 27h   
  8: 38h 30h 28h     9: 38h 38h 28h    10: 38h 28h 30h    11: 30h 38h 30h   
etc... and at the end:
Image #1:

        Image Size - Left = 0, Top = 0, Width = 1770, Height = 1253.
        Image is Non Interlaced.
        No Image Color Map.

GIF file terminated normally.

$ gifclrmp -s  < riet.gif  > colourmap.txt
$ cat colourmap.txt
  0  39  39  40
  1  48  40  32
  2  48  32  48
  3  48  32  38
  4  48  48  40
  5  40  48  47
etc....
$ gifclrmp -g 2.2  <riet.gif > colourmap
Generates image with brighter tones
[tester8@mach7 Pictures]$ file colourmap
colourmap: GIF image data, version 87a, 1770 x 1253
[tester8@mach7 Pictures]$ gifecho -c 244 161 174 -t "Good morning QA" > greeting.gif
bash: gifecho: command not found
Checked in MCC, command is not included, no further comments.
[tester8@mach7 Pictures]$ gif2rgb -c 8 -o rgbtest  riet.gif
Generates 3 binary files

Resullts similar enough to refered bug 24378, giving OK.

CC: (none) => herman.viaene
Whiteboard: (none) => MGA8-64-OK

Comment 4 Thomas Andrews 2022-08-05 00:02:41 CEST
Validating. Advisory in Comment 2.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Dave Hodgins 2022-08-05 16:41:39 CEST

Keywords: (none) => advisory
CC: (none) => davidwhodgins

Comment 5 Mageia Robot 2022-08-05 23:01:56 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2022-0275.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED


Note You need to log in before you can comment on or make changes to this bug.